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1 . Real Party in Interest. 

The real party in interest in this appeal is Authenticatid LLC. The assignee of the above- 
referenced patent application is Authenticatid Corporation. 



2 . Related Appeals and Interferences. 

There are no related appeals and/or interferences involving this application or its subject 

matter. 



3. Status of Claims. 

All of the pending claims, namely Claims 1-97, stand rejected and are the subject of the 
present appeal. 
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4 . Status of Amendments. 

There are no unentered amendments in this application. 

5 . Summary of Claimed Subject Matter. 

The claimed invention will now be summarized with references to passages of the 
specification and drawings. It should be understood, however, that the references are provided 
solely for explanatory purposes, and should not otherwise in and of themselves be taken to limit 
the scope of the claimed invention. 

Relative to FIGS. 1-5, for example, independent Claim 1 recites an apparatus 16 
including a processor 28 configured to send, to a client 12, a set of a plurality of labels 
identifying a respective plurality of elements 22 of an authentication matrix 20. Pat. Appl., page 
12, lines 15-24; page 14, line 29 - page 15, line 6; and FIG. 5, block 46. The authentication 
matrix includes a plurality of elements organized in one or more columns and rows each of 
which includes a respective header 24, where each element is identifiable by a label including a 
column header and row header that identifies the respective column and row of the element. Id. 
at page 9, line 1 - page 10, line 12. In this regard, the set of labels includes the column headers 
and row headers of the respective labels being unknown at the client until the set of labels is sent 
thereto. Id. at page 12, lines 15-24; and page 14, line 29 - page 15, line 6. As also recited, the 
processor is configured to receive a passcode from the client formulated based upon the elements 
identified by the set of labels, and configured to authenticate the client based upon the 
formulated passcode. Id. at page 12, line 25 - page 13, line 15; and page 15, lines 21-28; and 
FIG. 5, blocks 50-56. 

Depending from independent Claim 1, Claim 60 recites that the processor is configured 
to send a set of labels to the client in response to the client effectuating logging in. Pat. Appl., 
FIGS. 19 and 20. As recited, the logging in includes prompting the client for at least one piece 
of identifying information, and receiving the piece(s) of identifying information from the client. 
Id. As also recited, the piece(s) of identifying information include a user name and a password 
associated with a client user. Id. 
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Independent Claim 9 recites an apparatus 12 including a processor 28 configured to 
receive a set of a plurality of labels identifying a respective plurality of elements 22 of an 
authentication matrix 20. Pat. Appl., page 12, lines 15-24; page 14, line 29 - page 15, line 6; and 
FIG. 5, block 46. The authentication matrix includes a plurality of elements organized in one or 
more columns and rows each of which includes a respective header 24, where each element is 
identifiable by a label including a column header and row header that identifies the respective 
column and row of the element. Id. at page 9, line 1 - page 10, line 12. In this regard, the set of 
labels includes the column headers and row headers of the respective labels being unknown at 
the apparatus until the set of labels is received by the processor. Id. at page 12, lines 15-24; and 
page 14, line 29 - page 1 5, line 6. As also recited, the processor is configured to formulate or 
receive a formulated passcode based upon the elements identified by the received set of labels to 
thereby enable authentication of the apparatus or a user of the apparatus based upon the 
formulated passcode. Id. at page 12, line 25 -page 13, line 15; and page 15, lines 21-28; and 
FIG. 5, blocks 50-56. 

Depending from independent Claim 9, Claim 62 recites that the processor is configured 
to receive a set of labels in response to the apparatus or user effectuating logging in. Pat. Appl., 
FIGS. 19 and 20. As recited, the logging in includes the apparatus or user being prompted for at 
least one piece of identifying information, and sending the piece(s) of identifying information. 
Id. As also recited, the piece(s) of identifying information include a user name and a password 
associated with the user. Id. 

Independent Claim 17 recites a method of authenticating a client 12 including sending, to 
a client, a set of a plurality of labels identifying a respective plurality of elements 22 of an 
authentication matrix 20. Pat. Appl., page 12, lines 15-24; page 14, line 29 - page 15, line 6; and 
FIG. 5, block 46. The authentication matrix includes a plurality of elements organized in one or 
more columns and rows each of which includes a respective header 24, where each element is 
identifiable by a label including a column header and row header that identifies the respective 
column and row of the element. Id. at page 9, line 1 - page 10, line 12. In this regard, the set of 
labels includes the column headers and row headers of the respective labels being unknown at 
the client until the set of labels is sent thereto. Id. at page 12, lines 15-24; and page 14, line 29 - 
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page 15, line 6. As also recited, the method includes receiving a passcode formulated based 
upon the elements identified by the received set of labels, and authenticating the client based 
upon the formulated passcode. Id. at page 12, line 25 - page 13, line 15; and page 15, lines 21- 
28; and FIG. 5, blocks 50-56. 

Depending from independent Claim 17, Claim 64 recites that sending a set of labels 
includes sending a set of labels in response to effectuating logging in. Pat. Appl., FIGS. 19 and 
20. As recited, the logging in includes prompting the client for at least one piece of identifying 
information, and receiving the piece(s) of identifying information. Id. As also recited, the 
piece(s) of identifying information include a user name and a password associated with a client 
user. Id. 

Independent Claim 25 recites a computer program product for authenticating a client 12, 
where the computer program product includes at least one computer-readable storage medium 
having computer-readable program code portions stored therein. Pat. Appl, page 26, line 5 - 
page 27, line 5. As recited, the computer-readable program code portions include a first 
executable portion configured to send, to a client, a set of a plurality of labels identifying a 
respective plurality of elements 22 of an authentication matrix 20. Id. at page 12, lines 15-24; 
page 14, line 29 - page 15, line 6; and FIG. 5, block 46. The authentication matrix include a 
plurality of elements organized in one or more columns and rows each of which includes a 
respective header 24, where each element is identifiable by a label including a column header 
and row header that identifies the respective column and row of the element. Id. at page 9, line 1 
- page 10, line 12. In this regard, the set of labels include the column headers and row headers 
of the respective labels being unknown at the client until the set of labels is sent thereto. Id. at 
page 12, lines 15-24; and page 14, line 29 - page 15, line 6. As also recited, the computer- 
readable program code portions include a second executable portion configured to receive a 
passcode formulated based upon the elements identified by the received set of labels, and a third 
executable portion configured to authenticate the client based upon the formulated passcode. Id. 
at page 12, line 25 - page 13, line 15; and page 15, lines 21-28; and FIG. 5, blocks 50-56. 

Depending from independent Claim 25, Claim 66 recites that the first executable portion 
is configured to send a set of labels in response to effectuating logging in. Pat. Appl., FIGS. 19 
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and 20. As recited, the logging in includes prompting the client for at least one piece of 
identifying information, and receiving the piece(s) of identifying information. Id. As also 
recited, the piece(s) of identifying information include a user name and a password associated 
with a client user. Id. 

Independent Claim 33 recites an apparatus 16 including a processor 28 configured to 
send, to a client 12, a set of a plurality of labels identifying a respective plurality of elements 22 
of a matrix 20. Pat. Appl., page 12, lines 15-24; page 14, line 29 - page 15, line 6; and FIG. 5, 
block 46. The matrix includes a plurality of elements organized in one or more columns and 
rows each of which includes a respective header 24, where each element is identifiable by a label 
including a column header and a row header that identifies the respective column and row of the 
element. Id. at page 9, line 1 - page 10, line 12. In this regard, the set of labels includes the 
column headers and row headers of the respective labels being unknown at the client until the set 
of labels is sent thereto. Id. at page 12, lines 15-24; and page 14, line 29 - page 15, line 6. As 
also recited, the processor is configured to receive a response from the client formulated based 
upon the elements identified by the received set of labels. Id. at page 12, line 25 - page 13, line 
15; and page 15, lines 21-28; and FIG. 5, blocks 50-56. 

Depending from independent Claim 33, Claim 68 recites that the processor is configured 
to send a set of labels to the client in response to effectuating logging in. Pat. Appl., FIGS. 19 
and 20. As recited, the logging in includes prompting the client for at least one piece of 
identifying information, and receiving the piece(s) of identifying information. Id. As also 
recited, the piece(s) of identifying information include a user name and a password associated 
with a client user. Id. 

Independent Claim 42 recites an apparatus 12 including a processor 28 configured to 
receive a set of a plurality of labels identifying a respective plurality of elements 22 of a matrix 
20. Pat. Appl., page 12, lines 15-24; page 14, line 29 - page 15, line 6; and FIG. 5, block 46. 
The matrix includes a plurality of elements organized in one or more columns and rows each of 
which includes a respective header 24, where each element is identifiable by a label including a 
column header and a row header that identifies the respective column and row of the element. 
Id. at page 9, line 1 - page 10, line 12. In this regard, the set of labels includes the column 
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headers and row headers of the respective labels being unknown at the apparatus until the set of 
labels is received by the processor. Id. at page 12, lines 15-24; and page 14, line 29 - page 15, 
line 6. As also recited, the client is configured to formulate or receive a formulated response 
based upon the elements identified by the received set of labels. Id. at page 12, line 25 - page 
13, line 15; and page 15, lines 21-28; and FIG. 5, blocks 50-56. 

Depending from independent Claim 42, Claim 70 recites that the processor is configured 
to receive a set of labels in response to effectuating logging in. Pat. Appl., FIGS. 19 and 20. As 
recited, the logging in includes the apparatus or user being prompted for at least one piece of 
identifying information, and sending the piece(s) of identifying information. Id. As also recited, 
the piece(s) of identifying information includes a user name and a password associated with the 
user. Id. 

Independent Claim 5 1 recites a method that includes sending, to a client 12, a set of a 
plurality of labels identifying a respective plurality of elements 22 of a matrix 20. Pat. Appl., 
page 12, lines 15-24; page 14, line 29 -page 15, line 6; and FIG. 5, block 46. The matrix 
includes a plurality of elements organized in one or more columns and rows each of which 
includes a respective header 24, where each element is identifiable by a label including a column 
header and row header that identifies the respective column and row of the element. Id. at page 
9, line 1 - page 10, line 12. In this regard, the set of labels includes the column headers and row 
headers of the respective labels being unknown at the client until the set of labels is sent thereto. 
Id. at page 12, lines 15-24; and page 14, line 29 - page 15, line 6. As also recited, the method 
includes receiving a response formulated based upon the elements identified by the received set 
of labels. Id. at page 12, line 25 - page 13, line 15; and page 15, lines 21-28; and FIG. 5, blocks 
50-56. 

Depending from independent Claim 51, Claim 72 recites sending a set of labels includes 
sending a set of labels in response to effectuating logging in. Pat. Appl, FIGS. 19 and 20. As 
recited, logging in includes prompting the client for at least one piece of identifying information, 
and receiving the piece(s) of identifying information. Id. As also recited, the piece(s) of 
identifying information include a user name and a password associated with a client user. Id. 
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Independent Claim 74 recites an apparatus including a processor 28 configured to prompt 
a user for at least one piece of identifying information associated with the user, where the user is 
prompted during effectuation of logging in. Pat. Appl., FIGS. 19 and 20. As recited, the 
processor is configured to receive the identifying information in response to prompting the user, 
where the processor receiving of the identifying information invokes an authentication 
procedure. Id. 

As also recited by independent Claim 74, the authentication procedure includes selecting 
a set of labels identifying respective elements 22 of an authentication matrix 20. Pat. Appl., page 
12, lines 15-24; page 14, line 29 - page 15, line 6; and FIG. 5, block 46. The authentication 
matrix includes a plurality of elements organized in one or more columns and rows each of 
which includes a respective header 24, where each element is identifiable by a label including a 
column header and row header that identifies the respective column and row of the element. Id. 
at page 9, line 1 - page 10, line 12. The authentication procedure also includes providing the 
selected set of labels to the user, where the set of selected labels includes the column headers and 
row headers of the respective labels being unknown to the user until the set is provided. Id. at 
page 12, lines 15-24; and page 14, line 29 - page 15, line 6. The authentication procedure 
further includes receiving a passcode from the user in response to providing the set of labels, 
where the passcode has been formulated based upon the elements identified by the provided set 
of labels; and authenticating the user based upon the received passcode. Id. at page 12, line 25 - 
page 13, line 15; and page 15, lines 21-28; and FIG. 5, blocks 50-56. 

Depending from independent Claim 74, dependent Claim 81 recites that the identifying 
information received by the processor includes a user name and a password associated with the 
user. Pat. Appl., FIGS. 19 and 20. 

Independent Claim 82 recites a method for authenticating a user including prompting a 
user for at least one piece of identifying information associated with the user, where the user is 
prompted during effectuation of logging in. Pat. Appl., FIGS. 19 and 20. As recited, the method 
also includes receiving the identifying information in response to prompting the user, where 
receiving of the identifying information invokes an authentication procedure. Id. 
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As also recited by independent Claim 82, the authentication procedure includes selecting 
a set of labels identifying respective elements 22 of an authentication matrix 20. Pat. Appl., page 
12, lines 15-24; page 14, line 29 - page 15, line 6; and FIG. 5, block 46. The authentication 
matrix includes a plurality of elements organized in one or more columns and rows each of 
which includes a respective header 24, where each element is identifiable by a label including a 
column header and row header that identifies the respective column and row of the element. Id. 
at page 9, line 1 - page 10, line 12. The authentication procedure also includes providing the 
selected set of labels to the user, where the set of selected labels includes the column headers and 
row headers of the respective labels being unknown to the user until the set is provided. Id. at 
page 12, lines 15-24; and page 14, line 29 - page 15, line 6. The authentication procedure 
further includes receiving a passcode from the user in response to providing the set of labels, 
where the passcode has been formulated based upon the elements identified by the provided set 
of labels; and authenticating the user based upon the received passcode. Id. at page 12, line 25 - 
page 13, line 15; and page 15, lines 21-28; and FIG. 5, blocks 50-56. 

Depending from independent Claim 82, Claim 89 recites that prompting a user comprises 
prompting a user for identifying information including a user name and a password associated 
with the user. Pat. Appl, FIGS. 19 and 20. 

Independent Claim 90 recites a computer program product for authenticating a user, 
where the computer program product includes at least one computer-readable storage medium 
having computer-readable program code portions stored therein. Pat. Appl., page 26, line 5 - 
page 27, line 5. As recited, the computer-readable program code portions include a first 
executable portion configured to prompt a user for at least one piece of identifying information 
associated with the user, where the user is prompted during effectuation of logging in. Id. at 
FIGS. 19 and 20. The computer-readable program code portions also include a second 
executable portion configured to receive the identifying information in response to prompting the 
user, where the second executable portion receiving of the identifying information invokes an 
authentication procedure. Id. 

As also recited by independent Claim 90, the authentication procedure includes selecting 
a set of labels identifying respective elements 22 of an authentication matrix 20. Pat. Appl, page 
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12, lines 15-24; page 14, line 29 - page 15, line 6; and FIG. 5, block 46. The authentication 
matrix includes a plurality of elements organized in one or more columns and rows each of 
which includes a respective header 24, where each element is identifiable by a label including a 
column header and row header that identifies the respective column and row of the element. Id. 
at page 9, line 1 - page 10, line 12. The authentication procedure also includes providing the 
selected set of labels to the user, where the set of selected labels includes the column headers and 
row headers of the respective labels being unknown to the user until the set is provided. Id. at 
page 12, lines 15-24; and page 14, line 29 - page 15, line 6. The authentication procedure 
further includes receiving a passcode from the user in response to providing the set of labels, 
where the passcode has been formulated based upon the elements identified by the provided set 
of labels; and authenticating the user based upon the received passcode. Id. at page 12, line 25 - 
page 13, line 15; and page 15, lines 21-28; and FIG. 5, blocks 50-56. 

Depending from independent Claim 90, Claim 97 recites that the first executable portion 
is configured to prompt a user for identifying information comprising a user name and a 
password associated with the user. Pat. Appl., FIGS. 19 and 20. 

6. Grounds of Rejection to be Reviewed on Appeal. 

All of the pending claims, namely Claims 1-97, stand rejected under 35 U.S.C. § 102(b) 
as being anticipated by U.S. Patent Application Publication No. 2002/0013904 to Gardner. This 
singular rejection of Claims 1-97 is the subject of this appeal. 

7. Argument. 

As indicated above, Claims 1-97 stand rejected being anticipated by Gardner. As 
explained below, Appellant submits that the claimed invention is patentably distinct from 
Gardner. In view of the remarks presented herein, Appellant respectfully requests 
reconsideration of the application and reversal of the rejection of all of the pending claims 
thereof. 
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A. Claims 1-73 are Patentable 

According to one aspect of the claimed invention, as reflected by independent Claim 1, 
an apparatus is provided that includes a processor configured to send, to a client, a set of a 
plurality of labels identifying a respective plurality of elements of an authentication matrix. As 
recited, the authentication matrix includes a plurality of elements organized in one or more 
columns and rows each of which includes a respective header, each element being identifiable by 
a label including a column header and row header that identifies the respective column and row 
of the element. As also recited, the set of labels including the column headers and row headers 
of the respective labels is unknown at the client until the set of labels is sent thereto. The 
processor is configured to receive a passcode from the client formulated based upon the elements 
identified by the set of labels, and configured to authenticate the client based upon the 
formulated passcode. 

As stated in the MPEP, anticipation of the claimed invention requires the cited reference 
to explicitly or inherently teach each and every element of the claimed invention. MPEP § 2131, 
citing Verdegaal Bros. v. Union Oil Co. of California, 814 F.2d 628, 631, 2 USPQ2d 1051, 1053 
(Fed. Cir. 1987). In contrast to independent Claim 1, Gardner does not expressly or inherently 
teach an apparatus for authenticating a client in which a set of labels including column and row 
headers identifying columns and rows of a matrix including elements from which a passcode is 
formulated are unknown at the client until that set is sent to the client . As previously explained, 
Gardner discloses a method of remote authentication for secure system access and payment 
systems, in which the method makes use of a variable PIN (VPIN) which may vary across 
different occasions of use. As disclosed, the VPIN (alleged passcode) may be derived from 
numbers or letters (alleged elements) that may be randomly generated and held in a matrix or 
grid (alleged authentication matrix) available to the user, where those numbers/letters may be 
identified by grid references (alleged labels). In every embodiment of Gardner, however, the 
user knows upfront the grid references identifying the numbers/letters from which the VPIN is 
derived. In fact, Gardner explicitly discloses that "these grid references may relate to such things 
as the Weekday, the Date, the Month, the Use number for that day, the Time of day to the last 
complete hour, or indeed any other method of precisely indicating which grid reference applies 
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to a particular and specific use ." Gardner, paragraph [0033] (emphasis added). The set labels 
including column and row headers of the matrix from which the passcode of independent Claim 
1 is derived, on the other hand, are unknown at the client until sent thereto. 

In FIGS. 3 and 4, Gardner discloses two embodiments of a grid or matrix. But only one 
of those grids, shown in FIG. 3 (reproduced below), includes headers that one could argue 
corresponds to column and row headers similar to independent Claim 1. See Gardner, FIG. 3; 
and paragraph [0055] (explaining that "individual characters constituting VPIN elements are 
identified by reference to column headings 32 and row labels 33"). The other grid, shown in 
FIG. 4 (reproduced below), does not include column headings 32 and row labels 33, and instead 
includes a singular reference for each of its series of letters or digits 31. See id., FIG. 4; and 
paragraph [0069] (explaining that the letters or digits are "identified by a column heading locator 
reference 41 above each character"). Thus, at best, one could argue that the matrix of FIG. 3 of 
Gardner is similar to the authentication matrix of independent Claim 1 . 
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Gardner discloses two primary manners of authentication based on a VPIN derived from 
a grid, namely a non-interactive manner and an interactive manner, again, both of which include 
the user knowing upfront the column headings 32 and row labels 33 (column and row headers) 
identifying the numbers/letters from which a VPIN is derived. Indeed, the fact that the user 
knows upfront the grid references enables the non-interactive manner of authenticating that user. 
According to independent Claim 1, on the other hand, the set of labels including column and row 
headers are not known by the client until the labels are provided to the client. 

In only the interactive manner of authentication are grid references sent to the user, 
similar to independent Claim 1 sending a set of labels to a client. In the interactive manner, 
Gardner may disclose particular numbers/letters identified by grid references and their order 
within a derived VPIN being unknown to the user until their selection by a master system. But 
even in this embodiment, the user still knows the column headings 32 and row labels 33 (column 
and row headers) from which those numbers/letters are selected. The client of independent 
Claim 1, on the other hand, does not know the set of labels including the column and row 
headers of the respective labels (the elements of which a passcode is formulated) ahead of being 
sent that set of labels. And at least due to the fact that the user knows upfront the column 
headings 32 and row labels 33 (column and row headers) enables the non-interactive manner of 
authenticating that user, Appellant respectfully submits that there is no apparent reason to modify 
Gardner to include this feature. 

Appellant notes that the Examiner has proffered a "nested matrix" interpretation of 
Gardner in which each cell of Gardner's grid is a "nested matrix" or "nested grid" including a 
single row and a number of "nested columns" corresponding to the number of numbers/letters in 
the respective cells. According to this interpretation, for the grid shown in FIG. 3, each cell 
includes a single row and three nested columns - one nested column for each of the three 
numbers (e.g., "489") in the respective cell. As explained by the Examiner, then, in the 
interactive manner of authentication, the system may prompt the user for some but not all of the 
numbers/letters of a known cell; and as such, although a cell may be known to the user, the 
particular digits from the cell - and thus the corresponding nested columns - that are used to 
derive a VPIN may be unknown. That is, although a cell including the numbers "489" may be 
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known to the user, the system may only prompt the user for the third digit (i.e., "9") and that this 
prompting, as opposed to prompting for all three digits or any of the other digits, is unknown to 
the user beforehand. 

Even in the "nested matrix" interpretation of Gardner, however, the user does know the 
row (or row label 33) of the matrix before being prompted for the VPIN. According to 
independent Claim 1, on the other hand, matrix labels including both column and row headers 
are unknown before the client receives those labels. As in the non-interactive embodiment, in 
the interactive embodiment of Gardner, the cell of Gardner's matrix is known to the user as it is 
pinpointed, for example, by the current date or time. Even given an unknown "nested column 
header" interpretation of Gardner as suggested, Gardner does not also have an unknown "nested 
row label." The claimed invention, which does not base cell selection on information known to 
the user outside of the authentication scheme, recites that labels including both column and row 
headers are unknown before their receipt by the user. 

Appellant notes that the aforementioned remarks as to the "nested matrix" interpretation 
were presented to the Examiner by Appellant's representative during a telephone interview with 
the Examiner on January 15, 2009. In response, the Examiner suggested that Gardner could be 
interpreted such that each section of time on Gardner's matrix could be interpreted as a separate 
row. According to this interpretation, with respect to FIG. 4, Gardner's matrix includes a 
separate row for the weekday, date, month and time; each section of time corresponding to a 
separate row. And under this interpretation, the Examiner further suggested that in the 
interactive manner of authentication, the system may prompt the user for letters/numbers from 
some but not all of the sections of time (i.e., rows). Thus as argued by the Examiner, although 
the sections of time may be known to the user, the sections - and thus the corresponding rows - 
that are used to derive a VPIN may be unknown. That is, although the particular row for each of 
the weekday, date, month and time may be known to the user, the system may only prompt the 
user for digits from the weekday and month sections (rows) and that this prompting, as opposed 
to prompting for digits from all of the sections (and hence rows) or any of the other sections, is 
unknown to the user beforehand. 
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Contrary to the aforementioned, Appellant respectfully submits that Gardner does not 
explicitly disclose that a user may be prompted for digits for some sections of time but not 
others, and that the sections from which the user is prompted for digits are unknown to the user 
before being received , similar to independent Claim 1 reciting that matrix labels including both 
column and row headers are unknown before being received. More particularly, Gardner does 
not explicitly disclose a user having a VPIN code card having multiple sections for different 
measures of time, but is prompted for digits from some but not all of those sections. In all 
disclosed embodiments of Gardner implementing the interactive manner of authentication, the 
user is prompted for digits from all of the sections of time present on its VPIN code card. 

Not only does Gardner not explicitly disclose the aforementioned feature, but Gardner 
also does not inherently disclose the feature of independent Claim 1 . Appellant notes that to 
establish inherency, evidence must make clear that the missing descriptive matter is necessarily 
present in the prior art, and would be recognized as being present in the prior art by those skilled 
in the art. In re Robertson, 169 F.3d 743, 745 (Fed. Cir. 1999) (citing Continental Can Co. v. 
Monsanto Co., 948 F.2d 1264, 1268 (Fed. Cir. 1991)). "Inherency, however, may not be 
established by probabilities or possibilities. The mere fact that a certain thing may result from a 
given set of circumstances is not sufficient." Id. (citing Continental Can Co., 948 F.2d at 1269) 
(emphasis added). In the instant case, Gardner does not necessarily , if not explicitly, disclose the 
aforementioned feature of independent Claim 1. 

Appellant acknowledges that Gardner illustrates a time section in its VPIN code card of 
FIG. 4 and that in its disclosed example 2 relative to that code card, Gardner does not disclose its 
user being prompted for a digit from that section. But as expressly disclosed by Gardner, "time 
of authentication is featured on the VPIN Code Card in FIG. 4 but not further illustrated." 
Gardner, paragraph [0069]. Thus, even given the lack of explicit disclosure of the user not being 
prompted for digits from a time section of a VPIN code card, Gardner does not necessarily 
(inherently) disclose that the sections (rows) from the card from which the user is being 
prompted for digits are unknown to the user until being prompted , similar to the matrix labels of 
independent Claim 1 . 
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Appellant therefore respectfully submits that independent Claim 1, and by dependency 
Claims 2-8, 60 and 61, is patentably distinct from Gardner. Independent Claims 9, 17, 25, 33, 42 
and 51 include subject matter similar to that of independent Claim 1, including a set of labels 
including columns/rows of a matrix including elements from which a passcode is formulated are 
unknown at the client until that set is sent to or received by the client. Thus, Appellant also 
respectfully submits that independent Claims 9, 17, 25, 33, 42 and 51, and by dependency 
Claims 10-16, 18-24, 26-32, 34-41, 43-50, 52-59 and 62-73, are also patentably distinct from 
Gardner, for at least the reasons given above with respect to independent Claim 1 . 

/. Dependent Claims 

In addition to the above reasons, Appellant respectfully submits that various ones of 
dependent Claims 2-8, 10-16, 18-24, 26-32, 34-41, 43-50 and 52-73 recite features further 
patentably distinct from Gardner. For example, dependent Claim 60 (and similarly Claims 62, 
64, 66, 68, 70 and 72) recites that the processor is configured to send a set of labels to the client 
in response to the client effectuating logging in, where the logging in includes prompting the 
client for at least one piece of identifying information, and receiving the piece(s) of identifying 
information from the client. As recited, the piece(s) of identifying information include a user 
name and a password associated with a client user. This feature is also absent from Gardner. 

For the aforementioned feature of the claimed invention, the final Official Action cites 
paragraphs [0041] and [0042] of Gardner in which Gardner discloses a method of registering a 
user to use the disclosed VPIN system. As disclosed, Gardner's method of registering a user 
includes the user supplying a master system with requested information including a name, 
address, proof of identity and a fixed personal identification number (PIN). However, Gardner 
does not explicitly or inherently disclose its user providing any identifying information as part of 
the user effectuating logging in to the master system or any other system, or that the user's 
identifying information includes a username and password. And Gardner does not explicitly or 
inherently disclose that its master system responds to any user logging in or other user 
registration by sending column headers and row labels, similar to dependent Claim 60 (and 
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similarly Claims 62, 64, 66, 68, 70 and 72) responding to the client effectuating logging in by 
sending a set of labels to the client. 

Appellant notes that one may argue that the PIN of Gardner corresponds to a password. 
But even given this interpretation, Gardner does not teach or suggest that its PIN is provided as 
part of a logging in to which its system is responsive to authenticate a user, similar to the claimed 
invention. Instead, as per Gardner, its PIN is provided as part of the authentication itself, the 
PIN being included as part of Gardner's VPIN. 

B. Claims 74-97 are Patentable 

According to another aspect of the claimed invention, as reflected by independent Claim 
74, an apparatus is provided that includes a processor configured to prompt a user for at least one 
piece of identifying information associated with the user, where the user is prompted during 
effectuation of logging in. As recited, the processor is configured to receive the identifying 
information in response to prompting the user, where the processor receiving of the identifying 
information invokes an authentication procedure. The authentication procedure includes 
selecting a set of labels identifying respective elements of an authentication matrix. The 
authentication matrix includes a plurality of elements organized in one or more columns and 
rows each of which includes a respective header, where each element is identifiable by a label 
including a column header and row header that identifies the respective column and row of the 
element. The authentication procedure also includes providing the selected set of labels to the 
user, where the set of selected labels includes the column headers and row headers of the 
respective labels being unknown to the user until the set is provided. Further, the authentication 
procedure includes receiving a passcode from the user in response to providing the set of labels, 
where the passcode has been formulated based upon the elements identified by the provided set 
of labels; and authenticating the user based upon the received passcode. 

As explained above with respect to independent Claim 1 , in contrast to independent 
Claim 74, Gardner does not expressly or inherently teach an apparatus for authenticating a client 
in which a set of labels are provided to a user, where the labels include column and row headers 
identifying columns and rows of a matrix are unknown at the client until that set is provided to 
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the user . In further contrast to independent Claim 74, Gardner does not teach or suggest 
prompting a user for identifying information during effectuation of logging in , where receipt of 
the identifying information invokes the authentication procedure by which the set of labels are 
provided to the user. 

For the logging in feature of the claimed invention, the final Official Action again cites 
paragraphs [0041] and [0042] of Gardner. As explained above with respect to dependent Claim 
60, Gardner's method of registering a user includes the user supplying a master system with 
requested information including a name, address, proof of identity and a fixed personal 
identification number (PIN). However, Gardner does not explicitly or inherently disclose its user 
providing any identifying information as part of the user effectuating logging in to the master 
system or any other system. And Gardner does not explicitly or inherently disclose that the user 
providing its identifying information invokes the authentication procedure , similar to 
independent Claim 74. Instead, the user's registration merely enables a subsequent user 
authentication. 

Appellant therefore respectfully submits that independent Claim 74, and by dependency 
Claims 75-81, is patentably distinct from Gardner. Independent Claims 82 and 90 include 
subject matter similar to that of independent Claim 1, including the recited logging in and 
authentication procedure. Thus, Appellant also respectfully submits that independent Claims 82 
and 90, and by dependency Claims 83-89 and 91-97, are also patentably distinct from Gardner, 
for at least the reasons given above with respect to independent Claim 74. 

1. Dependent Claims 

In addition to the above reasons, Appellant respectfully submits that various ones of 
dependent Claims 83-89 and 91-97 recite features further patentably distinct from Gardner. For 
example, dependent Claim 81 (and similarly Claims 89 and 97) recites that the identifying 
information received by the processor comprises a user name and a password associated with the 
user. This feature is also absent from Gardner. 

For the aforementioned feature of the claimed invention, the final Official Action cites 
paragraphs [0041] and [0042] of Gardner in which Gardner discloses a method of registering a 
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user to use the disclosed VPIN system. As disclosed, Gardner's method of registering a user 
includes the user supplying a master system with requested information including a name, 
address, proof of identity and a fixed personal identification number (PIN). However, Gardner 
does not explicitly or inherently disclose that the user's identifying information includes a 
username and password. Appellant notes that one may argue that the PIN of Gardner 
corresponds to a password. But even given this interpretation, Gardner does not teach or suggest 
that its PIN is provided as part of a logging in to which its system is responsive to authenticate a 
user, similar to the claimed invention. Instead, as per Gardner, its PIN is provided as part of the 
authentication itself, the PIN being included as part of Gardner's VPIN. 
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8. Claims Appendix. 

The claims subject to this appeal are as follows: 

1. (Previously Presented) An apparatus comprising: 

a processor configured to send, to a client, a set of a plurality of labels identifying a 
respective plurality of elements of an authentication matrix, the authentication matrix including a 
plurality of elements organized in one or more columns and rows each of which includes a 
respective header, each element being identifiable by a label including a column header and row 
header that identifies the respective column and row of the element, the set of labels including 
the column headers and row headers of the respective labels being unknown at the client until the 
set of labels is sent thereto, 

wherein the processor is configured to receive a passcode from the client formulated 
based upon the elements identified by the set of labels, and wherein the processor is configured 
to authenticate the client based upon the formulated passcode. 

2. (Previously Presented) An apparatus according to Claim 1, wherein the processor 
is configured to send a set of labels, receive a formulated passcode and authenticate the client a 
plurality of times, and wherein the processor is configured to send each set of labels such that the 
sent set of labels differs from each previously sent set of labels. 

3. (Previously Presented) An apparatus according to Claim 1, wherein the processor 
is configured to generate a passcode based upon elements selected from the authentication 
matrix, wherein the processor is configured to send a set of labels identifying the selected 
elements, and wherein the processor is configured to authenticate the client further based upon 
the generated passcode. 

4. (Previously Presented) An apparatus according to Claim 3, wherein the processor 
is configured to provide, to the client, an authentication matrix stored in a database, wherein the 
processor is configured to generate a passcode based upon elements selected from the 
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authentication matrix stored in the database, and wherein the processor is configured to receive a 
passcode formulated based upon elements of the authentication matrix provided to the client 
corresponding to the elements selected from the authentication matrix stored in the database. 

5. (Previously Presented) An apparatus according to Claim 4, wherein the database 
is configured to store a plurality of authentication matrices, each authentication matrix associated 
with a different client, wherein the processor is configured to provide, to the client being 
authenticated, an authentication matrix associated with the respective client, and wherein the 
processor is configured to generate a passcode based upon elements selected from the 
authentication matrix stored in the database and associated with the respective client. 

6. (Previously Presented) An apparatus according to Claim 5, wherein the processor 
is configured to receive at least one piece of identifying information associated with the client 
being authenticated, and thereafter identify, from the plurality of authentication matrices stored 
in the database, the authentication matrix associated with the client being authenticated based 
upon the at least one piece of identifying information, and wherein the processor is configured to 
generate a passcode based upon elements selected from the identified authentication matrix. 

7. (Previously Presented) An apparatus according to Claim 3, wherein the processor 
is configured to generate a passcode further based upon a personal identification number (PIN) 
associated with the client, and wherein the processor is configured to receive a passcode 
formulated further based upon the PIN. 

8. (Previously Presented) An apparatus according to Claim 7, wherein the processor 
is configured to generate a passcode including elements selected from the authentication matrix 
and the PIN in a variable position with respect to the selected elements, wherein the processor is 
configured to receive a passcode formulated to include the identified elements and the PIN in the 
variable position with respect to the identified elements, and wherein the processor being 
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configured to authenticate the client by identifying a match between the generated passcode and 
the formulated passcode. 

9. (Previously Presented) An apparatus comprising: 

a processor configured to receive a set of a plurality of labels identifying a respective 
plurality of elements of an authentication matrix, the authentication matrix including a plurality 
of elements organized in one or more columns and rows each of which includes a respective 
header, each element being identifiable by a label including a column header and row header that 
identifies the respective column and row of the element, the set of labels including the column 
headers and row headers of the respective labels being unknown at the apparatus until the set of 
labels is received by the processor, 

wherein the processor is configured to formulate or receive a formulated passcode based 
upon the elements identified by the received set of labels to thereby enable authentication of the 
apparatus or a user of the apparatus based upon the formulated passcode. 

1 0. (Previously Presented) An apparatus according to Claim 9, wherein the processor 
is configured to receive the set of labels and formulate or receive a formulated passcode a 
plurality of times to thereby enable authentication of the apparatus or user a plurality of times, 
and wherein each set of labels received by the processor differs from each set of labels 
previously received by the processor. 

1 1 . (Previously Presented) An apparatus according to Claim 9, wherein the processor 
is configured to receive a set of labels identifying elements selected from the authentication 
matrix during generation of a passcode, and wherein the processor is configured to formulate or 
receive the formulated passcode to thereby enable authentication of the apparatus or user further 
based upon the generated passcode. 



1 2. (Previously Presented) An apparatus according to Claim 1 1 , wherein an 
authentication matrix is configured for provision to the apparatus or user from an authenticator 
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configured to store an authentication matrix, wherein the processor is configured to receive a set 
of labels identifying elements selected from the authentication matrix stored by the authenticator, 
and wherein the processor is configured to formulate or receive a formulated passcode based 
upon elements of the authentication matrix provided to the apparatus or user corresponding to the 
elements selected from the authentication matrix stored by the authenticator. 

13. (Previously Presented) An apparatus according to Claim 12, wherein the 
authentication matrix configured for provision to the apparatus or user is associated with the 
respective apparatus or user, the respective authentication matrix being configured for provision 
from an authenticator configured to store a plurality of authentication matrices, each 
authentication matrix associated with a different apparatus or user, and wherein the processor is 
configured to receive a set of labels identifying elements selected from the authentication matrix 
stored by the authenticator and associated with the respective apparatus or user. 

14. (Previously Presented) An apparatus according to Claim 13, wherein the 
processor is configured to send the authenticator at least one piece of identifying information 
associated with the respective apparatus or user to thereby enable the authenticator to identify, 
from the plurality of authentication matrices, the authentication matrix associated with the 
respective apparatus or user based upon the at least one piece of identifying information, and 
wherein the processor is configured to receive a set of labels identifying elements selected from 
the identified authentication matrix. 

15. (Previously Presented) An apparatus according to Claim 1 1 , wherein the 
processor is configured to receive a set of labels identifying elements selected from the 
authentication matrix during generation of a passcode based upon a personal identification 
number (PIN) associated with the processor, and wherein the processor is configured to 
formulate or receive a formulated passcode further based upon the PIN. 
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16. (Previously Presented) An apparatus according to Claim 15, wherein the 
processor is configured to receive a set of labels identifying elements selected from the 
authentication matrix during generation of a passcode including elements selected from the 
authentication matrix and the PIN in a variable position with respect to the selected elements, 
wherein the processor is configured to formulate or receive a formulated passcode including the 
identified elements and the PIN in the variable position with respect to the identified elements to 
thereby enable authentication of the apparatus or user by identifying a match between the 
generated passcode and the formulated passcode. 

1 7. (Previously Presented) A method of authenticating a client comprising: 
sending, to a client, a set of a plurality of labels identifying a respective plurality of 

elements of an authentication matrix, the authentication matrix including a plurality of elements 
organized in one or more columns and rows each of which includes a respective header, each 
element being identifiable by a label including a column header and row header that identifies 
the respective column and row of the element, the set of labels including the column headers and 
row headers of the respective labels being unknown at the client until the set of labels is sent 
thereto; 

receiving a passcode formulated based upon the elements identified by the received set of 
labels; and 

authenticating the client based upon the formulated passcode. 

18. (Previously Presented) A method according to Claim 17, wherein sending a set of 
labels, receiving a passcode and authenticating the client occur a plurality of times, and wherein 
each sent set of labels differs from each previously sent set of labels. 

1 9. (Previously Presented) A method according to Claim 17 further comprising: 
generating a passcode based upon elements selected from the authentication matrix, 
wherein sending a set of labels comprises sending a set of labels identifying the selected 

elements, and 
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wherein authenticating the client comprises authenticating the client further based upon 
the generated passcode. 

20. (Previously Presented) A method according to Claim 19 further comprising: 
providing an authentication matrix to an authenticator, and providing an authentication 

matrix to the client, 

wherein generating a passcode comprises generating a passcode based upon elements 
selected from the authentication matrix provided to the authenticator, and 

wherein receiving a passcode comprises receiving a passcode formulated based upon 
elements of the authentication matrix provided to the client corresponding to the elements 
selected from the authentication matrix provided to the authenticator. 

21 . (Previously Presented) A method according to Claim 20, wherein providing an 
authentication matrix to an authenticator comprises providing a plurality of authentication 
matrices to an authenticator, each authentication matrix associated with a different client, 
wherein providing an authentication matrix to the client comprises providing, to the client being 
authenticated, an authentication matrix associated with the respective client, and 

wherein generating a passcode comprises generating a passcode based upon elements 
selected from the authentication matrix provided to the authenticator and associated with the 
respective client. 

22. (Previously Presented) A method according to Claim 21 further comprising: 
receiving at least one piece of identifying information associated with the client being 

authenticated; and 

identifying, from the plurality of authentication matrices, the authentication matrix 
associated with the client being authenticated based upon the at least one piece of identifying 
information, 

wherein generating a passcode comprises generating a passcode based upon elements 
selected from the identified authentication matrix. 
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23. (Previously Presented) A method according to Claim 19, wherein generating a 
passcode comprises generating a passcode further based upon a personal identification number 
(PIN) associated with the client, and wherein receiving a passcode comprises receiving a 
passcode formulated further based upon the PIN. 

24. (Previously Presented) A method according to Claim 23, wherein generating a 
passcode comprises generating a passcode including elements selected from the authentication 
matrix and the PIN in a variable position with respect to the selected elements, wherein receiving 
a passcode comprises receiving a passcode formulated to include the identified elements and the 
PIN in the variable position with respect to the identified elements, and wherein authenticating 
the client comprises identifying a match between the generated passcode and the formulated 
passcode. 

25. (Previously Presented) A computer program product for authenticating a client, 
the computer program product comprising at least one computer-readable storage medium 
having computer-readable program code portions stored therein, the computer-readable program 
code portions comprising: 

a first executable portion configured to send, to a client, a set of a plurality of labels 
identifying a respective plurality of elements of an authentication matrix, the authentication 
matrix including a plurality of elements organized in one or more columns and rows each of 
which includes a respective header, each element being identifiable by a label including a 
column header and row header that identifies the respective column and row of the element, the 
set of labels including the column headers and row headers of the respective labels being 
unknown at the client until the set of labels is sent thereto; 

a second executable portion configured to receive a passcode formulated based upon the 
elements identified by the received set of labels; and 

a third executable portion configured to authenticate the client based upon the formulated 
passcode. 
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26. (Previously Presented) A computer program product according to Claim 25, 
wherein the first, second and third executable portions are configured to send a set of labels, 
receive a passcode and authenticate the client, respectively, a plurality of times, and wherein 
each set of labels sent by the first executable portion differs from each set of labels previously 
sent by the first executable portion. 

27. (Previously Presented) A computer program product according to Claim 25, 
wherein the computer-readable program code portions further comprise: 

a fourth executable portion configured to generate a passcode based upon elements 
selected from the authentication matrix, 

wherein the first executable portion is configured to send a set of labels identifying the 
selected elements, and 

wherein the third executable portion is configured to authenticate the client further based 
upon the generated passcode. 

28. (Previously Presented) A computer program product according to Claim 27, 
wherein the computer-readable program code portions further comprise: 

a fifth executable portion configured to provide an authentication matrix to an 
authenticator, and provide an authentication matrix to the client, 

wherein the fourth executable portion is configured to generate a passcode based upon 
elements selected from the authentication matrix provided to the authenticator, and 

wherein the second executable portion is configured to receive a passcode formulated 
based upon elements of the authentication matrix provided to the client corresponding to the 
elements selected from the authentication matrix provided to the authenticator. 

29. (Previously Presented) A computer program product according to Claim 28, 
wherein the fifth executable portion is configured to provide a plurality of authentication 
matrices to the authenticator, each authentication matrix associated with a different client, 
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wherein the fifth executable portion is also configured to provide, to the client being 
authenticated, an authentication matrix associated with the respective client, and 

wherein the fourth executable portion is configured to generate a passcode based upon 
elements selected from the authentication matrix provided to the authenticator and associated 
with the respective client. 

30. (Previously Presented) A computer program product according to Claim 29, 
wherein the computer-readable program code portions further comprise: 

a sixth executable portion configured to receive at least one piece of identifying 
information associated with the client being authenticated; and 

a seventh executable portion configured to identify, from the plurality of authentication 
matrices, the authentication matrix associated with the client being authenticated based upon the 
at least one piece of identifying information, 

wherein the fourth executable portion is configured to generate a passcode based upon 
elements selected from the identified authentication matrix. 

3 1 . (Previously Presented) A computer program product according to Claim 27, 
wherein the fourth executable portion is configured to generate a passcode further based upon a 
personal identification number (PIN) associated with the client, and wherein the second 
executable portion is configured to receive a passcode formulated further based upon the PIN. 

32. (Previously Presented) A computer program product according to Claim 3 1 , 
wherein the fourth executable portion is adapted to generate a passcode including elements 
selected from the authentication matrix and the PIN in a variable position with respect to the 
selected elements, wherein the second executable portion is configured to receive a passcode 
formulated to include the identified elements and the PIN in the variable position with respect to 
the identified elements, and wherein the third executable portion is configured to authenticate the 
client by identifying a match between the generated passcode and the formulated passcode. 
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33. (Previously Presented) An apparatus comprising: 

a processor configured to send, to a client, a set of a plurality of labels identifying a 
respective plurality of elements of a matrix, the matrix including a plurality of elements 
organized in one or more columns and rows each of which includes a respective header, each 
element being identifiable by a label including a column header and a row header that identifies 
the respective column and row of the element, the set of labels including the column headers and 
row headers of the respective labels being unknown at the client until the set of labels is sent 
thereto, and wherein the processor is configured to receive a response from the client formulated 
based upon the elements identified by the received set of labels. 

34. (Previously Presented) An apparatus according to Claim 33, wherein the 
processor is configured to send a set of labels, and receive a formulated response a plurality of 
times, and wherein the processor is configured to send each set of labels such that the sent set of 
labels differs from each previously sent set of labels. 

35. (Previously Presented) An apparatus according to Claim 33, wherein the matrix 
comprises an authentication matrix, wherein the processor is configured to receive a response 
comprising a formulated passcode, and wherein the processor is configured to authenticate the 
client based upon the formulated passcode. 

36. (Previously Presented) An apparatus according to Claim 35, wherein the 
processor is configured to generate a passcode based upon elements selected from the 
authentication matrix, wherein the processor is configured to send a set of labels identifying the 
selected elements, and wherein the processor is configured to authenticate the client further 
based upon the generated passcode. 

37. (Previously Presented) An apparatus according to Claim 36, wherein the 
processor is capable of providing, to the client, an authentication matrix stored in a database, 
wherein the processor is configured to generate a passcode based upon elements selected from 
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the authentication matrix stored in the database, and wherein the processor is configured to 
receive a passcode formulated based upon elements of the authentication matrix provided to the 
client corresponding to the elements selected from the authentication matrix stored in the 
database. 

38. (Previously Presented) An apparatus according to Claim 37, wherein the database 
is configured to store a plurality of authentication matrices, each authentication matrix associated 
with a different client, wherein the processor is configured to provide, to the client being 
authenticated, an authentication matrix associated with the respective client, and wherein the 
processor is configured to generate a passcode based upon elements selected from the 
authentication matrix stored in the database and associated with the respective client. 

39. (Previously Presented) An apparatus according to Claim 38, wherein the 
processor is configured to receive at least one piece of identifying information associated with 
the client being authenticated, and thereafter identify, from the plurality of authentication 
matrices stored in the database, the authentication matrix associated with the client being 
authenticated based upon the at least one piece of identifying information, and wherein the 
processor is configured to generate a passcode based upon elements selected from the identified 
authentication matrix. 

40. (Previously Presented) An apparatus according to Claim 36, wherein the 
processor is configured to generate a passcode further based upon a personal identification 
number (PIN) associated with the client, and wherein the processor is configured to receive a 
passcode formulated further based upon the PIN. 

41 . (Previously Presented) An apparatus according to Claim 40, wherein the 
processor is configured to generate a passcode including elements selected from the 
authentication matrix and the PIN in a variable position with respect to the selected elements, 
wherein the processor is configured to receive a passcode formulated to include the identified 
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elements and the PIN in the variable position with respect to the identified elements, and wherein 
the processor is configured to authenticate the client by identifying a match between the 
generated passcode and the formulated passcode. 

42. (Previously Presented) An apparatus comprising: 

a processor configured to receive a set of a plurality of labels identifying a respective 
plurality of elements of a matrix, the matrix including a plurality of elements organized in one or 
more columns and rows each of which includes a respective header, each element being 
identifiable by a label including a column header and a row header that identifies the respective 
column and row of the element, the set of labels including the column headers and row headers 
of the respective labels being unknown at the apparatus until the set of labels is received by the 
processor, wherein the client is configured to formulate or receive a formulated response based 
upon the elements identified by the received set of labels. 

43. (Previously Presented) An apparatus according to Claim 42, wherein the 
processor is configured to receive the set of labels and formulating a response a plurality of 
times, and wherein each set of labels received by the processor differs from each set of labels 
previously received by the processor. 

44. (Previously Presented) An apparatus according to Claim 42, wherein the 
processor is configured to receive the set of labels identifying elements of an authentication 
matrix, and wherein the processor is configured to formulate or receive a formulated response 
comprising a passcode to thereby enable authentication of the apparatus or a user of the 
apparatus based upon the formulated passcode. 

45. (Previously Presented) An apparatus according to Claim 42, wherein the 
processor is configured to receive a set of labels identifying elements selected from the 
authentication matrix during generation of a passcode, and wherein the processor is configured to 
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formulate or receive the formulated passcode to thereby enable authentication of the apparatus or 
user further based upon the generated passcode. 

46. (Previously Presented) An apparatus according to Claim 45, wherein an 
authentication matrix is configured for provision to the apparatus or user from an authenticator 
configured to store an authentication matrix, wherein the processor is configured to receive a set 
of labels identifying elements selected from the authentication matrix stored by the authenticator, 
and wherein the processor is configured to formulate or receive a formulated passcode based 
upon elements of the authentication matrix provided to the apparatus or user corresponding to the 
elements selected from the authentication matrix stored by the authenticator. 

47. (Previously Presented) An apparatus according to Claim 46, wherein the 
authentication matrix configured for provision to the apparatus or user is associated with the 
respective apparatus or user, the respective authentication matrix being configured for provision 
from an authenticator configured to store a plurality of authentication matrices, each 
authentication matrix associated with a different apparatus or user, and wherein the processor is 
configured to receive a set of labels identifying elements selected from the authentication matrix 
stored by the authenticator and associated with the respective apparatus or user. 

48. (Previously Presented) An apparatus according to Claim 47, wherein the 
processor is configured to send the authenticator at least one piece of identifying information 
associated with the respective apparatus or user to thereby enable the authenticator to identify, 
from the plurality of authentication matrices, the authentication matrix associated with the 
respective apparatus or user based upon the at least one piece of identifying information, and 
wherein the processor is configured to receive a set of labels identifying elements selected from 
the identified authentication matrix. 

49. (Previously Presented) An apparatus according to Claim 45, wherein the 
processor is configured to receive a set of labels identifying elements selected from the 
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authentication matrix during generation of a passcode based upon a personal identification 
number (PIN) associated with the apparatus or user, and wherein the processor is configured to 
formulate or receive a formulated passcode further based upon the PIN. 

50. (Previously Presented) An apparatus according to Claim 49, wherein the 
processor is configured to receive a set of labels identifying elements selected from the 
authentication matrix during generation of a passcode including elements selected from the 
authentication matrix and the PIN in a variable position with respect to the selected elements, 
wherein the processor is configured to formulate or receive a formulated passcode including the 
identified elements and the PIN in the variable position with respect to the identified elements to 
thereby enable authentication of the apparatus or user by identifying a match between the 
generated passcode and the formulated passcode. 

5 1 . (Previously Presented) A method comprising: 

sending, to a client, a set of a plurality of labels identifying a respective plurality of 
elements of a matrix, the matrix including a plurality of elements organized in one or more 
columns and rows each of which includes a respective header, each element being identifiable by 
a label including a column header and row header that identifies the respective column and row 
of the element, the set of labels including the column headers and row headers of the respective 
labels being unknown at the client until the set of labels is sent thereto; and 

receiving a response formulated based upon the elements identified by the received set of 

labels. 

52. (Previously Presented) A method according to Claim 5 1 , wherein sending a set of 
labels and receiving a response occur a plurality of times, and wherein each received set of labels 
differs from each previously received set of labels. 

53. (Previously Presented) A method according to Claim 51, wherein sending a set of 
labels comprises sending a set of labels identifying elements of an authentication matrix, wherein 
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receiving a response comprises receiving a formulated passcode, and wherein the method further 
comprises: 

authenticating the client based upon the formulated passcode. 

54. (Previously Presented) A method according to Claim 53 further comprising: 
generating a passcode based upon elements selected from the authentication matrix, 
wherein sending a set of labels comprises receiving a set of labels identifying the selected 

elements, and 

wherein authenticating the client comprises authenticating the client further based upon 
the generated passcode. 

55. (Previously Presented) A method according to Claim 54 further comprising: 
providing an authentication matrix to an authenticator, and providing an authentication 

matrix to the client, 

wherein generating a passcode comprises generating a passcode based upon elements 
selected from the authentication matrix provided to the authenticator, and 

wherein receiving a passcode comprises receiving a passcode formulated based upon 
elements of the authentication matrix provided to the client corresponding to the elements 
selected from the authentication matrix provided to the authenticator. 

56. (Previously Presented) A method according to Claim 55, wherein providing an 
authentication matrix to an authenticator comprises providing a plurality of authentication 
matrices to an authenticator, each authentication matrix associated with a different client, 
wherein providing an authentication matrix to the client comprises providing, to the client being 
authenticated, an authentication matrix associated with the respective client, and 

wherein generating a passcode comprises generating a passcode based upon elements 
selected from the authentication matrix provided to the authenticator and associated with the 
respective client. 
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57. (Previously Presented) A method according to Claim 56 further comprising: 
receiving at least one piece of identifying information associated with the client being 

authenticated; and 

identifying, from the plurality of authentication matrices, the authentication matrix 
associated with the client being authenticated based upon the at least one piece of identifying 
information, 

wherein generating a passcode comprises generating a passcode based upon elements 
selected from the identified authentication matrix. 

58. (Previously Presented) A method according to Claim 54, wherein generating a 
passcode comprises generating a passcode further based upon a personal identification number 
(PIN) associated with the client, and wherein receiving a passcode comprises receiving a 
passcode formulated further based upon the PIN. 

59. (Previously Presented) A method according to Claim 58, wherein generating a 
passcode comprises generating a passcode including elements selected from the authentication 
matrix and the PIN in a variable position with respect to the selected elements, wherein receiving 
a passcode comprises receiving a passcode formulated to include the identified elements and the 
PIN in the variable position with respect to the identified elements, and wherein authenticating 
the client comprises identifying a match between the generated passcode and the formulated 
passcode. 

60. (Previously Presented) An apparatus according to Claim 1, wherein the processor 
is configured to send a set of labels to the client in response to the client effectuating logging in, 
logging in including prompting the client for at least one piece of identifying information, and 
receiving the at least one piece of identifying information from the client, the at least one piece 
of identifying information comprising a user name and a password associated with a client user. 
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6 1 . (Previously Presented) An apparatus according to Claim 6, wherein the at least 
one piece of identifying information received by the processor is capable of identifying the client 
to an organization independent of the authentication matrix associated with the client. 

62. (Previously Presented) An apparatus according to Claim 9, wherein the processor 
is configured to receive a set of labels in response to the apparatus or user effectuating logging 
in, logging in including the apparatus or user being prompted for at least one piece of identifying 
information, and sending the at least one piece of identifying information, the at least one piece 
of identifying information comprising a user name and a password associated with the user. 

63. (Previously Presented) An apparatus according to Claim 14, wherein the at least 
one piece of identifying information sent by the processor is capable of identifying the apparatus 
or user to an organization independent of the authentication matrix associated with the respective 
apparatus or user. 

64. (Previously Presented) A method according to Claim 17, wherein sending a set of 
labels comprises sending a set of labels in response to effectuating logging in, logging in 
including prompting the client for at least one piece of identifying information, and receiving the 
at least one piece of identifying information, the at least one piece of identifying information 
comprising a user name and a password associated with a client user. 

65. (Previously Presented) A method according to Claim 22, wherein receiving at 
least one piece of identifying information comprises receiving at least one piece of identifying 
information capable of identifying the client to an organization independent of the authentication 
matrix associated with the client. 

66. (Previously Presented) A computer program product according to Claim 25, 
wherein the first executable portion is configured to send a set of labels in response to 
effectuating logging in, logging in including prompting the client for at least one piece of 
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identifying information, and receiving the at least one piece of identifying information, the at 
least one piece of identifying information comprising a user name and a password associated 
with a client user. 

67. (Previously Presented) A computer program product according to Claim 30, 
wherein the at least one piece of identifying information received by the sixth executable portion 
is capable of identifying the client to an organization independent of the authentication matrix 
associated with the client. 

68. (Previously Presented) An apparatus according to Claim 33, wherein the 
processor is configured to send a set of labels to the client in response to effectuating logging in, 
logging in including prompting the client for at least one piece of identifying information, and 
receiving the at least one piece of identifying information, the at least one piece of identifying 
information comprising a user name and a password associated with a client user. 

69. (Previously Presented) An apparatus according to Claim 39, wherein the at least 
one piece of identifying information received by the processor is capable of identifying the client 
to an organization independent of the authentication matrix associated with the client. 

70. (Previously Presented) An apparatus according to Claim 42, wherein the 
processor is configured to receive a set of labels in response to effectuating logging in, logging in 
including the apparatus or user being prompted for at least one piece of identifying information, 
and sending the at least one piece of identifying information, the at least one piece of identifying 
information comprising a user name and a password associated with the user. 

71 . (Previously Presented) An apparatus according to Claim 48, wherein the at least 
one piece of identifying information sent by the processor is capable of identifying the apparatus 
or user to an organization independent of the authentication matrix associated with the respective 
apparatus or user. 
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72. (Previously Presented) A method according to Claim 51, wherein sending a set of 
labels comprises sending a set of labels in response to effectuating logging in, logging in 
including prompting the client for at least one piece of identifying information, and receiving the 
at least one piece of identifying information, the at least one piece of identifying information 
comprising a user name and a password associated with a client user. 

73. (Previously Presented) A method according to Claim 57, wherein receiving at 
least one piece of identifying information comprises receiving at least one piece of identifying 
information capable of identifying the client to an organization independent of the authentication 
matrix associated with the client. 

74. (Previously Presented) An apparatus comprising: 

a processor configured to prompt a user for at least one piece of identifying information 
associated with the user, the user being prompted during effectuation of logging in, 

wherein the processor is configured to receive the identifying information in response to 
prompting the user, wherein the processor receiving of the identifying information invokes an 
authentication procedure, the authentication procedure comprising: 

selecting a set of labels identifying respective elements of an authentication 

matrix, wherein the authentication matrix includes a plurality of elements organized in 

one or more columns and rows each of which includes a respective header, each element 

being identifiable by a label including a column header and row header that identifies the 

respective column and row of the element; 

providing the selected set of labels to the user, the set of selected labels including 

the column headers and row headers of the respective labels being unknown to the user 

until the set is provided; 

receiving a passcode from the user in response to providing the set of labels, the 

passcode having been formulated based upon the elements identified by the provided set 

of labels; and 
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authenticating the user based upon the received passcode. 

75. (Previously Presented) An apparatus according to Claim 74, wherein the 
processor is configured to prompt the user and receive the identifying information for each of a 
plurality of instances of logging in, and wherein the processor receiving of the identifying 
information for each instance invokes the authentication procedure such that the set of labels 
provided for the respective instance differs between the set of labels provided for each previous 
instance. 

76. (Previously Presented) An apparatus according to Claim 75, wherein the 
processor receiving of the identifying information for each instance invokes the authentication 
procedure such that the received passcode is unique to the respective instance. 

77. (Previously Presented) An apparatus according to Claim 74, wherein the 
processor is configured to receive at least one piece of identifying information such that the 
authentication procedure further comprises: 

identifying, from the plurality of authentication matrices, the authentication matrix 
associated with the client being authenticated based upon the at least one piece of identifying 
information, the selected set of labels identifying elements of the identified authentication 
matrix. 

78. (Previously Presented) An apparatus according to Claim 77, wherein the at least 
one piece of identifying information received by the processor is capable of identifying the client 
to an organization independent of the authentication matrix associated with the client. 

79. (Previously Presented) An apparatus according to Claim 74, wherein the 
processor is configured to receive at least one piece of identifying information such that the 
authentication procedure includes receiving a passcode having been formulated further based 
upon a personal identification number (PIN) associated with the client. 
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80. (Previously Presented) An apparatus according to Claim 79, wherein the 
processor is configured to receive at least one piece of identifying information such that the 
authentication procedure includes receiving a passcode having been formulated including at least 
one element selected from the authentication matrix and the PIN in a predefined position with 
respect to the selected at least one element. 

8 1 . (Previously Presented) An apparatus according to Claim 74, wherein the 
identifying information received by the processor comprises a user name and a password 
associated with the user. 

82. (Previously Presented) A method for authenticating a user comprising: 
prompting a user for at least one piece of identifying information associated with the 

user, the user being prompted during effectuation of logging in; and 

receiving the identifying information in response to prompting the user, wherein 

receiving of the identifying information invokes an authentication procedure, the authentication 

procedure comprising: 

selecting a set of labels identifying respective elements of an authentication 
matrix, wherein the authentication matrix includes a plurality of elements organized in 
one or more columns and rows each of which includes a respective header, each element 
being identifiable by a label including a column header and row header that identifies the 
respective column and row of the element; 

providing the selected set of labels to the user, the set of selected labels including 
the column headers and row headers of the respective labels being unknown to the user 
until the set is provided; 

receiving a passcode from the user in response to providing the set of labels, the 
passcode having been formulated based upon the elements identified by the provided set 
of labels; and 

authenticating the user based upon the received passcode. 
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83. (Previously Presented) A method according to Claim 82, wherein prompting the 
user and receiving the identifying information occur for each of a plurality of instances of 
logging in, and wherein the receiving of the identifying information for each instance invokes the 
authentication procedure such that the set of labels provided for the respective instance differs 
between the set of labels provided for each previous instance. 

84. (Previously Presented) A method according to Claim 83, wherein the receiving of 
the identifying information for each instance invokes the authentication procedure such that the 
received passcode is unique to the respective instance. 

85. (Previously Presented) A method according to Claim 82, wherein receiving at 
least one piece of identifying information comprises receiving at least one piece of identifying 
information such that the authentication procedure further comprises: 

identifying, from the plurality of authentication matrices, the authentication matrix 
associated with the client being authenticated based upon the at least one piece of identifying 
information, the selected set of labels identifying elements of the identified authentication 
matrix. 

86. (Previously Presented) A method according to Claim 85, wherein the received at 
least one piece of identifying information is capable of identifying the client to an organization 
independent of the authentication matrix associated with the client. 

87. (Previously Presented) A method according to Claim 82, wherein receiving at 
least one piece of identifying information comprises receiving at least one piece of identifying 
information at least one piece of identifying information such that the authentication procedure 
includes receiving a passcode having been formulated further based upon a personal 
identification number (PIN) associated with the client. 
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88. (Previously Presented) A method according to Claim 87, wherein receiving at 
least one piece of identifying information comprises receiving at least one piece of identifying 
information such that the authentication procedure includes receiving a passcode having been 
formulated including at least one element selected from the authentication matrix and the PIN in 
a predefined position with respect to the selected at least one element. 

89. (Previously Presented) A method according to Claim 82, wherein prompting a 
user comprises prompting a user for identifying information comprising a user name and a 
password associated with the user. 

90. (Previously Presented) A computer program product for authenticating a user, the 
computer program product comprising at least one computer-readable storage medium having 
computer-readable program code portions stored therein, the computer-readable program code 
portions comprising: 

a first executable portion configured to prompt a user for at least one piece of identifying 
information associated with the user, the user being prompted during effectuation of logging in; 
and 

a second executable portion configured to receive the identifying information in response 
to prompting the user, wherein the second executable portion receiving of the identifying 
information invokes an authentication procedure, the authentication procedure comprising: 
selecting a set of labels identifying respective elements of an authentication 

matrix, wherein the authentication matrix includes a plurality of elements organized in 

one or more columns and rows each of which includes a respective header, each element 

being identifiable by a label including a column header and row header that identifies the 

respective column and row of the element; 

providing the selected set of labels to the user, the set of selected labels including 

the column headers and row headers of the respective labels being unknown to the user 

until the set is provided; 
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receiving a passcode from the user in response to providing the set of labels, the 
passcode having been formulated based upon the elements identified by the provided set 
of labels; and 

authenticating the user based upon the received passcode. 

9 1 . (Previously Presented) A computer program product according to Claim 90, 
wherein the first and second executable portions are configured to prompt the user and receive 
the identifying information for each of a plurality of instances of logging in, and wherein the 
second executable portion receiving of the identifying information for each instance invokes the 
authentication procedure such that the set of labels provided for the respective instance differs 
between the set of labels provided for each previous instance. 

92. (Previously Presented) A computer program product according to Claim 91 , 
wherein the second executable portion receiving of the identifying information for each instance 
invokes the authentication procedure such that the received passcode is unique to the respective 
instance. 

93 . (Previously Presented) A computer program product according to Claim 90, 
wherein the second executable portion is configured to receive at least one piece of identifying 
information such that the authentication procedure further comprises: 

identifying, from the plurality of authentication matrices, the authentication matrix 
associated with the client being authenticated based upon the at least one piece of identifying 
information, the selected set of labels identifying elements of the identified authentication 
matrix. 

94. (Previously Presented) A computer program product according to Claim 93, 
wherein the at least one piece of identifying information received by the second executable 
portion is capable of identifying the client to an organization independent of the authentication 
matrix associated with the client. 
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95. (Previously Presented) A computer program product according to Claim 90, 
wherein the second executable portion is configured to receive at least one piece of identifying 
information such that the authentication procedure includes receiving a passcode having been 
formulated further based upon a personal identification number (PIN) associated with the client. 

96. (Previously Presented) A computer program product according to Claim 95, 
wherein the second executable portion is configured to receive at least one piece of identifying 
information such that the authentication procedure includes receiving a passcode having been 
formulated including at least one element selected from the authentication matrix and the PIN in 
a predefined position with respect to the selected at least one element. 

97. (Previously Presented) A computer program product according to Claim 90, 
wherein the first executable portion is configured to prompt a user for identifying information 
comprising a user name and a password associated with the user. 
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None. 
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1 0 . Related Proceedings Appendix. 
None. 
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CONCLUSION 



For at least the foregoing reasons, Appellant respectfully requests that the rejections be 
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